UN, Skype, Oracle Sites Hacked

D35m0nd142 says he found SQL injection vulnerabilities in all three Web sites.

Posted February 29, 2012

Share

Hacker D35m0nd142 recently uncovered vulnerabilities in the official Web sites for the UN, Skype and Oracle.

"On the official Skype site, the hacker found Blind SQL injection vulnerabilities that allowed him to access their webserver," writes Softpedia's Eduard Kovacs.

"A similar vulnerability was discovered on Oracle’s community site, theoretically allowing ill-purposed hackers to cause some serious damage," Kovacs writes. "By leveraging an MSSQL injection flaw, he managed to bypass the security protocols implemented by the United Nations site’s administrators."